Answered by:

Moving Primary Domain Controller

Question

I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

Answers

I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

-Chris

Here's a high level step-by-step:

Install a new server box with Windows Server. Apply the latest Service Pack and Windows Updates.

Install this server with the same Windows Server version as your current server or a newer version.

Note:When you install the box with a newer version of Windows prepare your Active Directory before you promote the new server to a Domain Controller. (More information)

Install DNS and promote the new server to a Domain Controller. Make it an additional Domain Controller for the same Active Directory domain in the same Active Directory forest as your current Domain Controller. (More information) Be sure to check the Event Viewer logs on both Domain Controllers and the dcpromo.log and dcpromoui.log on the new Domain Controller to ensure promotion and replication. Congratulations! You now have two Domain Controllers.

Make the new Server a Global Catalog and restart it afterwards. (More information)

Transfer the five Flexible Single Master Operation (FSMO) Roles from the current Domain Controller to the new Domain Controller. (More information) One of the FSMO roles is the PDC emulator role. After transfering this role to your new server it is the equivalent of the Primary Domain Controller. (PDC)

Install the DHCP Server on the new Domain Controller and migrate the DHCP database from the old Domain Controller to the new Domain Controller. (More information) Make sure the DHCP Scope is deactivated on the old server.

Change the DHCP Scopes on both servers. In the DHCP Scope on the new server assign the IP address of the new Domain Controller as the primary DNS Server. This last step will ensure your client will begin using the new Domain Controller as their Primary DNS server after their DHCP lease expires. (More information)

I've chosen to disable the old DHCP server and migrate it to the new server. Alternatively you can also create a 80% scope and a 20% scope on the new and old server respectively. (More information) I've chosen to keep the old server a Global Catalog as well, because of the Infrastructure Master rule of thumb.

All replies

I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

-Chris

Here's a high level step-by-step:

Install a new server box with Windows Server. Apply the latest Service Pack and Windows Updates.

Install this server with the same Windows Server version as your current server or a newer version.

Note:When you install the box with a newer version of Windows prepare your Active Directory before you promote the new server to a Domain Controller. (More information)

Install DNS and promote the new server to a Domain Controller. Make it an additional Domain Controller for the same Active Directory domain in the same Active Directory forest as your current Domain Controller. (More information) Be sure to check the Event Viewer logs on both Domain Controllers and the dcpromo.log and dcpromoui.log on the new Domain Controller to ensure promotion and replication. Congratulations! You now have two Domain Controllers.

Make the new Server a Global Catalog and restart it afterwards. (More information)

Transfer the five Flexible Single Master Operation (FSMO) Roles from the current Domain Controller to the new Domain Controller. (More information) One of the FSMO roles is the PDC emulator role. After transfering this role to your new server it is the equivalent of the Primary Domain Controller. (PDC)

Install the DHCP Server on the new Domain Controller and migrate the DHCP database from the old Domain Controller to the new Domain Controller. (More information) Make sure the DHCP Scope is deactivated on the old server.

Change the DHCP Scopes on both servers. In the DHCP Scope on the new server assign the IP address of the new Domain Controller as the primary DNS Server. This last step will ensure your client will begin using the new Domain Controller as their Primary DNS server after their DHCP lease expires. (More information)

I've chosen to disable the old DHCP server and migrate it to the new server. Alternatively you can also create a 80% scope and a 20% scope on the new and old server respectively. (More information) I've chosen to keep the old server a Global Catalog as well, because of the Infrastructure Master rule of thumb.

I'm getting ready to introduce a new server into our domain to take over the roles of DC, AD and DNS. Our current environment has 2 Windows 2008 R2 servers and we're adding a 3rd mentioned above. The main server currently holding the above roles is also
our Exchange and many other roles so we'd like to offload these roles from the existing server to the new server. So we were looking for some good, step-by-step instructions for performing this move. It seems like there are built-in wizards to help with this,
but we would like to know what prep work we should be doing??? How can we inspect our current AD for any errors and to ensure it is as clean as possible to move over? What other prep tasks should we be considering. Should we initialize the new OEM server in
the existing environment? Or can we initialize it offsite and then bring it onsite once it's close to being ready? How do you copy the GC over or does this happen when you add it to the domain? Any help is appreciated and the instructions above are a great
start.

I'm getting ready to introduce a new server into our domain to take over the roles of DC, AD and DNS. Our current environment has 2 Windows 2008 R2 servers and we're adding a 3rd mentioned above. The main server currently holding the above roles is also
our Exchange and many other roles so we'd like to offload these roles from the existing server to the new server. So we were looking for some good, step-by-step instructions for performing this move. It seems like there are built-in wizards to help with this,
but we would like to know what prep work we should be doing??? How can we inspect our current AD for any errors and to ensure it is as clean as possible to move over? What other prep tasks should we be considering. Should we initialize the new OEM server in
the existing environment? Or can we initialize it offsite and then bring it onsite once it's close to being ready? How do you copy the GC over or does this happen when you add it to the domain? Any help is appreciated and the instructions above are a great
start.

From my point of view best way is to install new fresh copy of Windows Server. Apply all SP-a and patches. Then promote this as additional DC in your domain and configure it as a Global Catalog. Transfer FSMO roles to new server, and then you can demote
your old server.

Best regards Dubravko Marak
MCP, MVP
Blog: Windows Server Administration
Please remember to click “Mark as Answer” on the post that helps you, and to click
“Unmark as Answer” if a marked post does not actually answer your question. Please
VOTE as HELPFUL if the post helps you. This can be beneficial to other community members reading the thread.

Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.